The present invention relates to a technology for verifying identity of document data, and more specifically to a technology for verifying identity of document data that can manage identity of data stored in a file created from the original data. It should be noted that the term “identity” referred to in this specification shall simply have capability of detecting falsification of document data, and it shall not have to secure exactly the same data.
Conventionally, to distribute data upon confirming authenticity of data created by the data creation source and the identity of the data creation source as well, it was necessary to apply an electronic signature, etc. to the file created in the file format that was specified at the time of creating the data.
Suppose a case, for example, where business connections exist among companies A, B and C and data passing is conducted in this order, in which only document data of a first format (Excel (registered mark) data) is provided by the company A, and document data of a second and a third formats (XML (registered mark) data and PDF (registered mark) data) are required by the company B and the company C, respectively.
In such a case, normally, the company A puts an electronic signature on the Excel file created within the company and provides the file to the company B. The company B, after verifying the signature of the company A, converts the file to XML data, puts an electronic signature of the company on the Excel file provided by the company A, and then provides the file to the company C. Likewise, the company C, after verifying the signature of the company B, verifies the signature of the company A's data, and converts the data into the PDF format to manage the files. It should be noted that, for the example case, verification will not be possible after the expiry date of the certification. Prior arts that state the above-stated procedures include Japanese Patent Laid-open Nos. 8-329050 and 2003-22009 and U.S. Patent Application Publication No. 2004/139207.